Public Partnerships LLC
Sr Network Security Engineer
Remote Network Security Engineer position with a clear candidate location fit.
Published: June 10, 2026
Eligible countries: 1 country accepted
Seniority signal: Senior
Work model: Remote
Accepted candidate locations
United States
Job summary
Sr Network Security Engineer
Requirements and responsibilities
Key Responsibilities
- Define and maintain PPL's network security requirements, standards, and baselines for cloud, on-premises, and remote-access environments — including Fortinet firewall configuration baselines, Azure and AWS network security baselines, segmentation standards, and secure remote-access requirements.
- Review and validate network architecture and design changes from a security perspective — providing requirements, recommendations, and sign-off as appropriate before changes are implemented by Infrastructure or Cloud Engineering.
- Drive PPL's zero-trust networking strategy across cloud, physical, and remote-workforce environments — establishing the security model, segmentation principles, and identity-aware access requirements that Infrastructure and Cloud Engineering execute against.
- Evaluate, recommend, and provide security requirements for new network security technologies (SASE/SSE platforms, NDR, DNS security, etc.) that improve visibility, reduce risk, and support automation across the enterprise.
- Define network-layer and zero-trust controls for enterprise AI service traffic — including egress policies, conditional access, and data-leakage protections for approved AI assistants (e.g., Microsoft Copilot, Claude) to enable responsible AI use while protecting PHI and proprietary data.
- Partner closely with the broader Infrastructure team — including the Sr. Network Engineer, systems and cloud engineers, and supporting infrastructure staff — to translate network security requirements into actionable engineering work and maintain consistent controls across Azure, AWS, Fortinet, and remote-access environments.
- Collaborate with DevOps and Cloud Engineering teams to embed network security controls into infrastructure-as-code, CI/CD pipelines, and automated deployment patterns — ensuring network security is enforced consistently and at the speed of delivery.
- Partner with Application Development teams on secure application network design — reviewing API exposure, service-to-service communication, ingress/egress requirements, and third-party integration patterns to ensure new and existing applications align with PPL's network security standards.
Network Threat Detection & Incident Response
- Conduct security reviews and assessments of PPL's network environment — including Fortinet firewall and wireless infrastructure (e.g., FortiGate, FortiAnalyzer), Azure network controls (NSGs, Azure Firewall, Application Gateway/WAF, private endpoints, ExpressRoute/VPN gateways), AWS network controls (security groups, NACLs, AWS Network Firewall, WAF, Transit Gateway, etc.), and ZTNA/VPN platforms.
- Lead periodic firewall rule reviews, segmentation validation, access-path analysis, and review of third-party network connections (vendor VPNs, B2B integrations, partner tunnels) and approved AI service connections to identify overly permissive rules, stale exceptions, and gaps against PPL's security standards; partner with Infrastructure on remediation.
- Validate secure configuration of network and network security devices against industry benchmarks (e.g., CIS, Fortinet hardening guides, cloud provider best practices) and PPL's internal standards — through periodic reviews and continuous posture monitoring where available.
- Coordinate with the vulnerability management program to identify, prioritize, and track remediation of network-related vulnerabilities across Fortinet devices, cloud network services, and supporting infrastructure.
- Lead architecture-level network security review for new initiatives — including new applications, SaaS solutions, and IT purchases with network connectivity or data-flow implications — ensuring alignment with PPL's network security standards.
- Develop and report network security posture metrics to leadership — including firewall rule review coverage, segmentation gaps, network vulnerability remediation, and progress against zero-trust initiatives — to inform program prioritization and demonstrate control effectiveness.
Network Threat Detection & Incident Response
- Serve as the Information Security team's senior escalation point for network-related security incidents — supporting investigation, containment, eradication, and recovery efforts across cloud and on-premises environments.
- Lead network forensics activities, including packet capture analysis, flow analysis (NetFlow, VPC flow logs), and review of firewall, proxy, and DNS logs to reconstruct attacker activity and inform response decisions.
- Utilize the SIEM platform during incident investigation and response — running network-focused queries across firewall, proxy, DNS, and cloud network telemetry to correlate events, identify scope, and reconstruct attacker activity.
- Leverage the enterprise XDR platform to correlate network signal with endpoint, identity, and email data during incidents — enabling cross-domain visibility that informs containment, remediation, and root-cause analysis.
- Lead network-specific threat hunting and adversary behavior analysis aligned to MITRE ATT&CK and current threat intelligence — particularly for techniques involving network reconnaissance, lateral movement, and data exfiltration in cloud and remote-access environments — in partnership with the Security Operations, IT & Cloud Security, AppSec/DevSecOps, and GRC functions across the broader incident response program.
- Direct network-layer containment actions (firewall blocks, segmentation changes, DNS sinkholing, conditional access enforcement, etc.) during active incidents — working through Infrastructure for execution and ensuring changes are documented and reversible.
- Contribute to post-incident reviews, identifying network-related root causes and recommending architectural, configuration, or operational improvements.
Monitoring & Detection Oversight
- Provide security oversight of network monitoring tools and platforms — including NDR, IDS/IPS, DNS security, and the use of firewall, proxy, and TLS-inspection logs — ensuring detections, alerts, and logging meet PPL's security requirements.
- Collaborate with SOC analysts on tuning network-layer detections to reduce false positives, improve signal quality, and align with current threat intelligence.
- Maintain situational awareness of emerging network-based threats, vulnerabilities, and attack vectors (e.g., ransomware command-and-control patterns, DNS tunneling, cloud lateral movement) and translate them into updated requirements, detections, and review priorities.
- Maintain documentation for network security standards, review procedures, runbooks, and assessment findings to support operational consistency and audit readiness.
Risk, Compliance & Governance Support
- Provide network security input into risk assessments, evaluating systems, applications, vendors, and services for network-layer exposure and recommending mitigating or compensating controls.
- Partner with the GRC function to evidence network security controls for NIST 800-53, HIPAA, SOC 2, and CMS audits — including firewall rule review evidence, segmentation documentation, cloud network configuration, and remote-access control artifacts.
- Collaborate with the GRC function on the development, maintenance, and enforcement of network security policies, standards, and procedures across the organization.
- Review and approve WAF and firewall policy changes, AI service access requests, and temporary security exceptions — ensuring requests align with PPL's network security standards and that exceptions are documented, time-bounded, and tracked through to remediation or renewal.
Collaboration, Communication & Awareness
- Partner across Infrastructure, Cloud Engineering, DevOps, Application Development, and the broader Cybersecurity team to translate security requirements into effective controls without disrupting business operations.
- Communicate network security findings, risks, and recommendations to both technical and non-technical audiences, including leadership.
- Contribute to security awareness initiatives, particularly around safe remote work practices, secure remote access, and phishing/social-engineering threats with a network component.
- Provide technical mentorship and direction to junior security and SOC staff on network security concepts, tooling, and investigation techniques.
Required Skills:
- Strong knowledge of information security and network security principles, controls, and best practices across cloud, on-premises, and remote-workforce environments.
- Hands-on experience assessing, configuring, or operating Fortinet firewall environments (FortiGate, FortiAnalyzer, FortiManager) at scale; ability to review configurations, rules, and policies for security compliance.
- Demonstrated knowledge of cloud network security in Microsoft Azure (NSGs, Azure Firewall, Application Gateway/WAF, private endpoints, hub-and-spoke design, ExpressRoute/VPN gateways) and AWS (security groups, NACLs, AWS Network Firewall, WAF, Transit Gateway, PrivateLink).
- Experience defining security requirements and reviewing architectures for ZTNA and secure remote access for distributed and remote-first workforces, including conditional access, identity-aware proxies, and integration with modern identity platforms.
- Demonstrated experience with network segmentation, micro-segmentation, and zero-trust networking principles.
- Proficiency in network protocols, routing, switching, TLS inspection, and packet/flow analysis sufficient to support detection engineering and incident response across cloud and on-premises environments.
- Proven ability to investigate, analyze, and respond to network-based security incidents, including log analysis, alert triage, and forensic review.
- Exposure to artificial intelligence platforms and the network security considerations specific to them — including data egress controls, secure access to AI services, and monitoring of AI-related network traffic.
- Strong understanding of healthcare-relevant regulatory and framework requirements (HIPAA, NIST 800-53, SOC 2, CMS) as they apply to network security controls.
- Ability to communicate network security findings, risks, and recommendations effectively to both technical and non-technical stakeholders.
- Strong organizational skills with the ability to manage multiple workstreams simultaneously.